VPN

[goneracin]

Again, top level engine builder
2 weeks into my IT career so trying to get a handle...hahahaha
Working to get my head around doing a VPN now so i can get my shit online via bi
I have a mikrotek ac3 that my isp gave me as the router for the main system.
I also have an AClite that idk where it came from...lol.
if i plug my cams into my switch.
My switch into the lite
my bi pc into the lite
my nvr into the lite
then do the VPN with openvpn say between the lite and the main router with the PC that blue iris is on that is also my wireless connection to the evil interwebz using winbox to configure the lite
is this somewhat the chain, or did i f**k the chicken in my comprehension somewhere along the line

 

[Mike A.]

Looks like the MikroTik supports VPN but, like everything else about them, seems nontrivial to set up. Search and you'll see some links.

What's is the "AClite?" Do you mean a Unifi AP? If so, that's not going to do it.

I think in this case maybe look at something like Zerotier/Tailscale.

 

[SpacemanSpiff]

What's is the "AClite?" Do you mean a Unifi AP? If so, that's not going to do it.

Might be an hAP ac lite (microtik)

 

[goneracin]

Looks like the MikroTik supports VPN but, like everything else about them, seems nontrivial to set up. Search and you'll see some links.

What's is the "AClite?" Do you mean a Unifi AP? If so, that's not going to do it.

I think in this case maybe look at something like Zerotier/Tailscale.

MikroTik
an older version of this i believe
It was getting late so i didnt search much
ill do some looking over the weekend

 

[SpacemanSpiff]

Can you BI box take a 2nd network interface card (NIC)? The ideal scenario is to separate your camera network from the rest of your home LAN:

Dual NIC setup on your Blue Iris Machine

In making your system more secure this is a great option to eliminate your cameras calling home / connecting to the internet This is a great place to start to setup a bit more secure network and learn more about IP/Subnets etc. before adding dual NICs: Router Security - Subnets and IP addresses...

ipcamtalk.com

Looks like microtiks RouterOS has the OVPN support. I recommend reviewing the hAP ac lite TC to confirm it's rev of firmware has OVPN support

VPN Primer for Noobs

The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...

ipcamtalk.com

 

[Mike A.]

Might be an hAP ac lite (microtik)

Ahhh… that makes sense.

Still think that given your 2-week networking career and past discussions in other threads that you might be better off looking at zerotier/tailscale. At least to start. MikroTik makes good stuff especially for the money but not the easiest to work with. You can search and find some instructions for setting it up and see what you think. Can do the zerotier for now to get up and running fairly quickly and then try the other later as you figure it out more.

 

[goneracin]

Ahhh… that makes sense.

Still think that given your 2-week networking career and past discussions in other threads that you might be better off looking at zerotier/tailscale. At least to start. MikroTik makes good stuff especially for the money but not the easiest to work with. You can search and find some instructions for setting it up and see what you think. Can do the zerotier for now to get up and running fairly quickly and then try the other later as you figure it out more.

its crazy, i know how to get around in the machine, but the IT part of it is like friggin voodoo to me rightnow
you want to make 2500 HP, call me
you want to set up a VPN? ahhhh not so much..
ill look into them sir, thank you for that

 

[goneracin]

Can you BI box take a 2nd network interface card (NIC)? The ideal scenario is to separate your camera network from the rest of your home LAN:

Dual NIC setup on your Blue Iris Machine

In making your system more secure this is a great option to eliminate your cameras calling home / connecting to the internet This is a great place to start to setup a bit more secure network and learn more about IP/Subnets etc. before adding dual NICs: Router Security - Subnets and IP addresses...

ipcamtalk.com

Looks like microtiks RouterOS has the OVPN support. I recommend reviewing the hAP ac lite TC to confirm it's rev of firmware has OVPN support

VPN Primer for Noobs

The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...

ipcamtalk.com

i bought a little Lenovo Think Centre as a friend of mine is using it for his, but after seeing it, im guessing hes not very secure...lol
hes who told me about Bi though. I think hes hooked direct to his house router via his think center to BI as he was showing me his cams on his phone

 

[goneracin]

Can you BI box take a 2nd network interface card (NIC)? The ideal scenario is to separate your camera network from the rest of your home LAN:

Dual NIC setup on your Blue Iris Machine

In making your system more secure this is a great option to eliminate your cameras calling home / connecting to the internet This is a great place to start to setup a bit more secure network and learn more about IP/Subnets etc. before adding dual NICs: Router Security - Subnets and IP addresses...

ipcamtalk.com

Looks like microtiks RouterOS has the OVPN support. I recommend reviewing the hAP ac lite TC to confirm it's rev of firmware has OVPN support

VPN Primer for Noobs

The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...

ipcamtalk.com

so, if i understand correctly, yes, it can
it has the ethernet port
and the wifi port into my router

 

[goneracin]

so if i took something like this
this
and plugged all my shit (switch, bi computer etc, into it, then gave this access to my isp provided router, my shit behind here is covered?
My wife works for a major hospital system and their access is pretty tight
this would allow me a chance to keep my shit isolated, and learn the vpn system, while allowing her to access her network until i figure more out...lol
the extra money isnt an issue right now, ive got no time to really learn stuff in the moment, it might take months to find the time

 

[fenderman]

so if i took something like this
this
and plugged all my shit (switch, bi computer etc, into it, then gave this access to my isp provided router, my shit behind here is covered?
My wife works for a major hospital system and their access is pretty tight
this would allow me a chance to keep my shit isolated, and learn the vpn system, while allowing her to access her network until i figure more out...lol
the extra money isnt an issue right now, ive got no time to really learn stuff in the moment, it might take months to find the time

No that wont work. If money is not a problem, hire a professional network engineer to properly secure your network with the right equipment for your needs. That junk doesnt even have basic vlan functionality.